ef93a4bace831b4776f38a843bf4c53561d5314d653a4e27fc09ae448f606995 | Triage

Sharing

General

Target

ef93a4bace831b4776f38a843bf4c53561d5314d653a4e27fc09ae448f606995
Size

315KB
Sample

221127-khq8wage3x
MD5

0e65a24627a892cec97edbbfe21df7b9
SHA1

81a6b428b27ef454d0c87a9ab4c7771db464a8c2
SHA256

ef93a4bace831b4776f38a843bf4c53561d5314d653a4e27fc09ae448f606995
SHA512

4bf4cfb4649eb8cb74b3413a5ce11c5d0315faee1177c628c596121a4d83795a8d35247c385698fe4bb1d2efc19798413cc397b6708e8b021f5f25bd8839321e
SSDEEP

6144:zr3bUzkuvcBYC47l2xiFjox21H9mbWnqnHB/Jc9BItkszgx4ygDA:zrckuveY3fFj4ThVkszC4yh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ef93a4bace831b4776f38a843bf4c53561d5314d653a4e27fc09ae448f606995
- Size
  
  315KB
- MD5
  
  0e65a24627a892cec97edbbfe21df7b9
- SHA1
  
  81a6b428b27ef454d0c87a9ab4c7771db464a8c2
- SHA256
  
  ef93a4bace831b4776f38a843bf4c53561d5314d653a4e27fc09ae448f606995
- SHA512
  
  4bf4cfb4649eb8cb74b3413a5ce11c5d0315faee1177c628c596121a4d83795a8d35247c385698fe4bb1d2efc19798413cc397b6708e8b021f5f25bd8839321e
- SSDEEP
  
  6144:zr3bUzkuvcBYC47l2xiFjox21H9mbWnqnHB/Jc9BItkszgx4ygDA:zrckuveY3fFj4ThVkszC4yh
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2